From: Jouni Malinen Date: Fri, 15 Apr 2022 08:59:01 +0000 (+0300) Subject: OpenSSL: Extend CMAC to support 192-bit AES X-Git-Tag: hostap_2_11~2075 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4fcd296608dd08b957f5debe5b37bb60d8c7a576;p=thirdparty%2Fhostap.git OpenSSL: Extend CMAC to support 192-bit AES This is used with DPP and SAE when using P-384, so prepare the OpenSSL implementation to support these cases to allow the internal CMAC implementation in aes-omac1.c to be replaced. Signed-off-by: Jouni Malinen --- diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index 8ce1e48cb..3fb1f18d1 100644 --- a/src/crypto/crypto_openssl.c +++ b/src/crypto/crypto_openssl.c @@ -1757,6 +1757,9 @@ int omac1_aes_vector(const u8 *key, size_t key_len, size_t num_elem, if (key_len == 32) { if (!CMAC_Init(ctx, key, 32, EVP_aes_256_cbc(), NULL)) goto fail; + } else if (key_len == 24) { + if (!CMAC_Init(ctx, key, 24, EVP_aes_192_cbc(), NULL)) + goto fail; } else if (key_len == 16) { if (!CMAC_Init(ctx, key, 16, EVP_aes_128_cbc(), NULL)) goto fail;